CVE-2022-4044
published 2022-11-23

CVE-2022-4044: A denial-of-service vulnerability in Mattermost allows an authenticated user to crash the server via multiple large autoresponder messages.

Priority: P4 27
Severity: medium 6.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS: 1.07% (60.7th percentile)
Affected

7 ranges
Vendor     | Product                      | Version range    | Fixed in
github.com | mattermost_mattermost-server | >= 0 < 7.1.4     | 7.1.4
github.com | mattermost_mattermost-server | >= 7.2.0 < 7.2.1 | 7.2.1
github.com | mattermost_mattermost-server | >= 7.3.0 < 7.3.1 | 7.3.1
mattermost | mattermost                   | < 7.4            | 7.4
mattermost | mattermost                   | 1.0.0 – 7.1.3    |
mattermost | mattermost                   | >= 7.2.0 < 7.2.1 | 7.2.1
mattermost | mattermost                   | >= 7.3.0 < 7.3.1 | 7.3.1